Commentary

Cisco Retreats From New Privacy Policy

It was supposed to be a user-friendly update. But Cisco's rollout of its new cloud service has turned into a textbook example of what not to do when tinkering with consumers' products.

Last week, Cisco updated some of its Linksys Wi-Fi routers by automatically moving users to its Connect Cloud system. The company touts the cloud-based system as a benefit because it enables people to manage their routers remotely. But, as Cisco found out, not all users see the need for that type of service, or appreciate Cisco making the decision to upgrade for them.

What's more, the new Connect Cloud service comes with a different privacy policy -- one that initially gave Cisco far more rights to use consumers' data than in the past. Last week, that policy included the following unsettling language:

"When you use the Service, we may keep track of certain information related to your use of the Service, including but not limited to ... which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic (e.g., megabytes per hour); internet history; how frequently you encounter errors on the Service system and other related information."

Between last Wednesday and now Cisco deleted that language, but a cached version is still available. As ExtremeTech points out, the deletion isn't all that reassuring because Cisco also reserves the right to update its privacy policy at any time.

Last Friday, Cisco said in a blog post that the company doesn't "actively track, collect or store personal info or usage data." The company also says that its cloud-based service was only sent to consumers who opted in to automatic updates -- though others report that certain routers were shipped updates enabled by default. Regardless, Cisco has posted instructions telling consumers how to roll back the update.

In another surprise for users, the Connect Cloud terms of service includes a requirement that consumers won't use the service "for obscene, pornographic, or offensive purposes," or "to infringe another's rights, including but not limited to any intellectual property rights," or to send any "unsolicited or unauthorized advertising."

Needless to say, some of those conditions would almost certainly be unconstitutional if the government tried to impose them. After all, plenty of judges have ruled that people have the free speech right to say things that others find "offensive."

And, while people might not have a constitutional right to infringe copyright, figuring out whether particular speech violates copyright or constitutes a fair use isn't always easy. Certainly Cisco isn't in the best position to decide that question.

Of course, private companies aren't required to follow the same rules as the government. But that doesn't mean it's a good idea for Cisco -- or any other company that enables people to communicate online -- to ignore those rules.

Next story loading loading..